← Back

CVE-2020-9320

nvd nist
Published: Feb 20, 2020Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and Cross Platform Anti-malware SDK. NOTE: Vendor asserts that vulnerability does not exist in product

Affected (8)

Avira
8 products
Anti Malware Sdk
Antivirus Server
Avira Antivirus For Endpoint
Avira Antivirus For Small Business
Avira Exchange Security
Avira Free Security Suite
Avira Internet Security Suite
Avira Prime
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Anti Malware Sdk
Before 8.3.54.138
Antivirus Server
Before 8.3.54.138
Avira Antivirus For Endpoint
Before 8.3.54.138
Avira Antivirus For Small Business
Before 8.3.54.138
Avira Exchange Security
Before 8.3.54.138
Avira Free Security Suite
Before 8.3.54.138
Avira Internet Security Suite
Before 8.3.54.138
Avira Prime
Before 8.3.54.138

Related CWEs

CWE-434
Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (8)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.